Candidates shall also have specialized experience in one of the following areas:
a) Monitoring and Detection Analyst: Candidates shall have a minimum of three (3) years of professional experience in cybersecurity, information risk management, or information systems risk assessment, and must be knowledgeable in many areas such as: Vulnerability Assessments,
Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Data Loss Prevention, Encryption, Two‐Factor Authentication, Web‐filtering, and Advanced Threat
b) Incident Response Analyst: Candidates shall have a minimum of three (3) years of professional experience responding to information system security incidents and an ability to use the DHS furnished toolset to identify and determine root causes of incidents and provide any required documentation and possible evidence to authorized personnel who carry legal or investigative authorities.
c) Cyber Intelligence Analyst: Candidates shall have at least three (3) years of professional experience in incident detection and response and/or cyber intelligence analysis, and a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.* Title will display on Leidos.com. Do not use the standard title in this field (e.g. Software Developer IV vs Senior Java Developer). The right job posting title can make a big difference not only in whether a candidate clicks on your job but it showing up in search results. Do not use acronyms or internal only terms.
Serves as a Tier 2 cyber security analyst supporting one or more of the following areas:
- incident response
- monitoring and detection
- cyber intelligence analysis
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, experience configuring and implementing various of technical security solutions, extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices. Must possess expert knowledge in two or more of the following areas: Vulnerability Assessment, Intrusion Prevention and Detection, Access Control and Authorization, Policy Enforcement, Application Security, Protocol Analysis, Firewall Management, Incident Response, Encryption, Web‐filtering, Advanced Threat Protection.
Ability to obtain public trust clearance.
Minimum five (5) years of professional experience in incident detection and response, malware analysis, or cyber forensics
In addition, minimum of three (3) years of specialized experience in one or more of the following areas:
- Monitoring and detetion
- Incident Response
- Cyber security analysis
At least one of the following certifications
SANS: GCIH, GCIA
Experience with Cyber Kill Chain.
EDUCATION & EXPERIENCE: Typically requires BS and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience.